I continue to talk with clients who understand the concept of private cloud computing, they think they know it when they see it, but they can’t quite explain it in words. A year ago I described The Spectrum of Private to Public Cloud Services, but I didn’t put that in the form of a definition. Here’s a shot.

Gartner’s official definition of cloud computing is “A style of computing where scalable and elastic IT-enabled capabilities are delivered as a service to customers using Internet technologies.” We also describe five defining attributes of cloud computing: service-based, scalable and elastic, shared, metered by use, uses Internet technologies. A key to cloud computing is an opaque boundary between the customer and the provider. Graphically, that looks like this:

When the customer does not see the implementation behind the boundary, and the provider doesn’t care who the customer is, you have a public cloud service. So what is private cloud?

Private cloud is “A form of cloud computing where service access is limited or the customer has some control/ownership of the service implementation.”

Graphically, that means that either the provider tunnels through that opaque boundary and limits service access (e.g., to a specific set of people, enterprise or enterprises), or the customer tunnels through that opaque boundary through ownership or control of the implementation (e.g., specifying implementation details, limiting hardware/software sharing). Note that control/ownership is not the same as setting service levels – these are specific to the implementation, and not even visible through the service.

The ultimate example would be enterprise IT, building a private cloud service used only by its enterprise. But there are many other examples, such as a virtual private cloud (the same as the example above, except replace ‘enterprise IT’ with ‘third-party provider’), and community clouds (the same as a virtual private cloud, except opened up to a specific and limited set of different enterprises).

Private-cloud (better known as on-premise) is simply legacy on-premise vendors leveraging the terminology and benefits of actual cloud computing in their marketing literature.

It’s a shame that Gartner, Forrester and others have bought into this as well – of course they have to keep the lights on so it’s very understandable.

How does a customer get a private-cloud? Purchase software and hardware products of course. The definition of private-cloud is exactly the same as on-premise. The private-cloud maintains the status quo. That’s why it’s popular.

Not true, Joe. You could also say that cloud computing is just outsourcing. You’re hung up on asset location/ownership and missing the fundamental change in style of computing. Cloud is mainly defined by the change in the relationship and interface between the customer and the provider. If I can fill in a form on a portal and get IT resources as a service without manual operator intervention, if the architecture behind the service uses dynamic, flexible, shared resources, etc. I don’t care if the servers are sitting in Google data centers or my enterprise’s data centers – this is cloud computing. How many enterprise IT organizations do this? Very few.

Agree that we can argue what kind of economies of scale and enterprise can achieve vs. a service provider, but that’s a matter of scale, not functionality, or speed, or style.

I’d also be curious what your thoughts are about Amazon Reserved Instances – where you pay an up-front fee per virtual server in order to help Amazon with capacity planning and to reduce your per-hour cost. This essentially requires customers to do their own capacity planning. And what about having the option to request non-shared hardware and software – virtual private clouds, etc.?

The line between cloud computing and “status quo” isn’t just about asset ownership and location. It’s about a style of computing, and there’s a lot of gray here.

I agree that the marketing hype is huge, and that vendors are slapping the cloud and private cloud label on all kinds of existing software (and hardware) products. But that doesn’t mean there isn’t a real trend here.

Outsourcing typically means paying someone else to run your infrastructure as is, at your place, theirs, or some third-party hosting facility. The only thing that really changes is that instead of paying salaries you pay a premium for consulting rates. Sure you can get on with making widgets but you lose some control and pay more for the privilege.

“Private cloud” on the other hand almost always refers to the evolution of virtualisation and has very little in common with true multi-tenant cloud computing. From the birds eye view of a CxO it just means that instead of having to provision resources on request (usually by way of a web/email-based ticketing system anyway) you have to stockpile them so you’re ready the second someone asks. As Joe said, you still have to buy and maintain hardware and software and if you were already using virtualisation then most of the benefit from consolidation has already been realised long ago.

This is one of the single biggest sources of confusion relating to cloud computing, without which we would be able to focus on the costs and benefits of each model rather than recurring discussions about definitions. Most mainstream articles on the subject completely ignore “private cloud” these days and it would be good if us professionals were to start doing the same.

Sam, cloud computing is not only about SaaS – which is what you imply when you describe “true multitenant cloud computing”. Are you saying that IaaS (infrastructure as a service) cannot be cloud because it isn’t a software service? I would agree that a SaaS service that wasn’t multitenant wouldn’t really be true cloud. Likewise, infrastructure as a service – if the hardware wasn’t shared in some way – wouldn’t be true cloud. But if I’m sharing the hardware, using VMs or some other mechanism, that is multitenant – just multitenant hardware.

Private cloud is almost entirely going to be based on virtual machines. The vast majority of these private clouds will evolve to become hybrid (overdrafting to public cloud IaaS). Many of them will fully migrate to public IaaS, over time. Private cloud is a near-term solution leading to full IaaS.

IaaS is not the right solution for new applications – new apps will be written with the cloud in mind, probably on a PaaS, probably with global class and multitenancy and operational awareness and detached state all in mind. But old apps have a way of living on for decades. IaaS will often be the right solution for them. Nothing wrong with starting on a private cloud until public cloud IaaS meets their security/compliance/availability/performance needs.

It’s interesting that you should differentiate between cloud infrastructure, platforms and applications (I still can’t bring myself to say *aaS!) because they’re all multitenant – whether it’s user sessions, deployed applications or virtual machines running alongside each other on the same hardware.

You’re right that “private cloud is almost entirely going to be based on virtual machines”, that it’s “not the right solution for new applications” and that “many of them will fully migrate to public [cloud infrastructure services]”, however private cloud isn’t positioned as an ephemeral migration path for legacy applications, rather a legitimate alternative.

To be completely candid, I personally see private cloud as a (surprisingly effective) marketing exercise by opportunistic goods & services vendors seeking to maintain relevance in a world where computing resources are delivered as a utility by a third party; in other words – snake oil. It promises the same benefits but without massive scale and multitenancy it cannot possibly deliver on them. I think a lot of enterprises are going to be disappointed when pilots show only incremental benefit over the status quo and I just hope that doesn’t reflect badly on cloud computing in general.

Totally agree that putting lipstick on a pig isn’t the solution. Many vendors are re-positioning existing products as “private cloud” offerings, and in most cases they might provide some element of a cloud architecture, but not most of it. We are spending a lot of energy telling our clients that private cloud IaaS is an on-ramp to public cloud IaaS, and any vendor solution that does not lead that way is selling you the pretty pig. Also, vendors are attempting to capture customers for “their” public cloud solutions by building on-ramps that only lead to “their” public cloud solutions. This is selling you the pig, and then telling you that you will live on pork for the rest of your life. We are telling our clients that private cloud can generate immediate benefits, but should be seen as an on-ramp to the public cloud, and building a long-term plan on your public cloud vision RIGHT NOW is important – otherwise, you’ll get stuck eating pork forever.

I really hate to break the news, but private cloud was only invented to give traditional vendors and system integrators a piece of the market, and bridge the gap from traditional IT. It never ever was a goal from Cloud perspective

So, redefining the meaning here:

Private cloud is “A form of cloud computing that benefits traditional vendors and system integrators over their customers and real, public cloud”

If we can step back from the the black-and-white view of old and traditional equals bad and new and cloud = good, maybe we can be more pragmatic about this. What, exactly, should a large enterprise with thousands of legacy applications and thousands of servers do?

Wrong answer is do nothing. Wrong answer is throw away their investment and start over. Wrong answer is to declare victory and declare they are already “a cloud”.

Cloud computing is a new style of computing – a change in the relationship between the customer and the provider. Enterprises should (and can) start on that change NOW. Technology is not the fundamental issue in these enterprises – it’s culture, relationship, politics, organization.

For legacy applications, virtualization is a great starting point in technology that helps force some of the cultural, relationship, politics, organization, funding issues. Because of this, virtualization has an ROI not only in expense, but also in moving the organization in the direction of the cloud computing style.

Once an organization has thousands of VMs, managing hardware resources as a pool, disaggregates users from hardware, charges based on usage, automates how VMs are deployed, it is not a difficult step to add a self-service interface for SOME of those IaaS requests (within a service catalog), and to include some form of metering/chargeback. Organizations have already built these “private clouds” for development and test environments – with proven ROI.

Once those culture, et al changes, and technologies like self-service and metering are in place, IT has the freedom to change the sourcing behind the interface from on-premises to off-premises. We are already seeing some organizations building an overdrafting architecture in areas like dev/test. I expect that will lead many of these organizations to phase out their internal dev/test resources (or at least the majority) to use external cloud services instead.

This same transition can and will take place with general purpose infrastructure. Private clouds moving to hybrid and possibly to public entirely, over time, as service mature to meet security, compliance, etc. needs.

All this said, in PARALLEL, new applications should be developed with a new paradigm in mind. First, can I buy it as SaaS? Second, can I develop it on a PaaS (possibly for on-premises deployment, or possibly only off-premises)? These new applications will tend to be global class/multitenant/stateless/platform-scalable, etc.

So, I agree that virtual machines and private cloud is not the end-state or the nirvana, and I agree vendors over-hype and try to force lock-in (both traditional and cloud, by the way), but virtual machines and private cloud can be very pragmatic steppingstones for legacy applications to use IaaS in the public cloud. Our advice is to analyze it on an ROI basis. If a public cloud service is available that meets your needs now at the right price, go. If not, before investing internally ensure that you have a good business case for developing your own stuff and ensure that it leads you strategically to sourcing choices in the future, etc.

I see you’re starting from the enterprise PoV – that does make sense if you want to defend private cloud
Sam starts from the pure Cloud PoV – hence his definition (which I agree with). I somewhat agree with yours too, again, from the ent PoV (I’ve been working in enterprises for a dozen years now on behalf of Capgemini)

Every single department that has a new or old or halfbaked idea, needs a separate server with separate storage with unique this and special that and yesyesyes, you’re absolutely right about the “culture, relationship, politics, organization” – Cloud could be a perfect straightjacket just as SAP and Oracle (Siebel) are. Are either of them great packages? No. They cost millions and million to implement and after 5 years you’re stuck with the same problems be cause the same “culture, relationship, politics, organization” still wants to own / change / mess up their part of the software stack

Yes I totally agree on the virtualisation

You make excellent points Tom, coming from a Gartner-basher like me you should feel honoured – I really appreciate the lengthy response and summary

Last but not least, I’m not sure we should Cloud all there is. Simply because it means great, grand and gross standardisation, making everyone and everything absolutely equal – and there sometimes simply is too much diversity on our current side to make a business case for that

Remains the question of what the difference is between private cloud and simple on-premise full-fledged / -metered virualisation – I guess it’s the pricetag and the vendor / SI involvement LOL

[…] definitions have been advanced by a number of notable individuals and groups — and sometimes heated discussion has followed their introduction — but the disputation still hasn’t resulted in consensus and shared understanding, though […]

Great blog. I’m currently doing a research project on Cloud Computing with my postgrad study. On some of the points described above, I can see how Sam would focus his argument on multitenant. Whether we talk SaaS (e.g. Salesforce), public or private IaaS (e.g. Amazon Web Services), the core tennant to the Cloud Computing model is the abstraction of the underlying architecture and technology from the “higher-level” management/consumers.

The SaaS multi-tenant architecture or IaaS virtualisation architecture effectively deliver the same set of business benefits (besides cost reduction), which in my view the number goal for most organisations is much shorter deployment times.

From my experience this is the single biggest benefit, helping enterprises becoming more “agile”, changing business processes, deploying IT services etc. faster. It will also fundamentally change the relationship, perspective and position of IT in the business, from “takes too long, and high cost” to competitive, flexible and a partner.

On another note, and in relation to my project, I’m evaluating potential IaaS opportunities for a case study. I came across an article on computerworld.com where you commented on the VBlock collaboration between EMC, Cisco and VMware, specifically that the offering lacked higher level management software to allow seamless and automatic provisioning of capacity without manual intervention.

From what I could work out, the VBlock infrastructure appears to allow for fast deployment of new VM’s, environments etc. Is it the deployment of new physical (proprietary) servers that your referring to? Wouldn’t the management components, (Cisco UCS Manager, EMC Ionix Unified Infrastructure Manager, VMware vCenter) provide this type of service? (btw, I’m not an infrastructure guy so I’m not across some of the more technical details) Would the offering need to be combined with BMC’s BladeLogic (or similar, if indeed this is possible) in order to make it truly a private cloud solution?

Well, many of my clients do not want to hand over their application processing and data to an outside company. However, they do want to take advantage of the potential that cloud computing offers but only within their own controlled data center environment. Does hosting cloud computing services within your own data center mean that it is no longer a cloud computing environment if it is not hosted on Google or Amazon infrastructure? I think that definition would be very short sighted and self serving of organizations like Google and Amazon and others that want to become the CPU hydro company of the future. There are many large organizations like Walmart and others that are perfectly capable of supporting cloud computing services within their own IT infrastructure, some of which rivals Google and Amazon and others.

So perhaps the terminology or nomanclature is all wrong when it comes to the terms that have been used for cloud computing. As you all know public cloud computing service providers offer private cloud computing services. So when is a cloud private to an organization or not?

Perhaps terms like locally hosted cloud or externally hosted cloud should come into the vocabulary, or something like that in order to better differentiate the way that cloud computing is implemented. I do not know what the right term is but I do know that organizations will implement cloud technology within their own without the use of utility providors like Google and Amazon and Microsoft.

I have impleted an OpenNebula Cloud Computing infrastructure in my basement that is accessible on the Internet but only to registed clients. Does that make it a Public or Private cloud computing solution?

I’ve been working with Network Operating Systems since NetWare 2.15, Banyan Vines, IBM PC Net, and many other variations of NetBIOS based networks, as well as SCO Unix and IBM AX, and so on. Cloud computing is simply an evolution of the network operating system beyohnd a couple of servers, and a good one.

At this point I think people are getting hung up on terminology and definitions as opposed to the potential that cloud computing provides regards of where it is implemented and on whose hardward it is implemented upon.

[…] talk about the cloud has moved past discussions of the applicability of public cloud technology, private cloud technology or hybrid technology. By now it is pretty clear that all these variations will find some role in […]

[…] they’ve been selling all along? Or, is it as Tom Bittman, analyst at Gartner clarified, a distinct form of Cloud computing , “… where service access is limited or the customer has some control/ownership of the service […]

From an ERP on the Cloud Perspective: Working thru the jungle of cloud offerings is all about ROI. I liken it to buying a car. Most people get a new car about every 3-6 years. Virtually no one goes to school to be a certified mechanic for each make & model. Some drive it and pump gas. Some do that plus change the oil. Why even change the tires when you can get someone with the right training and equipment to do it inexpensively who will guarantee the work? Even replacing tires requires a lift, a dynamic balancing machine, an array of calibrated zinc tire weights, and specialized knowledge. Aren’t the applications we operate the same? Aren’t the Platforms and underlying infrastructure the analogous?
IaaS removes the cost and labor from infrastructure deployment and ongoing care & feeding. PaaS does the same for application platforms, and SaaS does the same for the enterprise applications.
If you can contract with a reputable vendor to supply these at the right price, with service level guarantees, you win.
The right price is equal to or less than your cost internally (personnel + hardware + upgrades + help desk support + software maintenance + DR + data center costs). I say “equal to” is a win because the best enterprise software cloud vendors include all costs of running an application and remove the risk you would otherwise hold (risk of overrunning those costs if done internally). Anyone who has implemented or upgraded SAP, Oracle, Lawson, Kronos – you name the application – has seen estimates above what you budgeted, scope creep / overruns, and has seen it take a toll on the organization. If you can get it all for a set monthly price that is at or below your internal costs, then do it.
Done right, Hybrid Private Cloud vendors should be able to deliver the specialized knowledge and economies of scale to deliver a better experience than can be reasonably expected to be built from in-house components. The best vendors also wrap the ERP experience with intellectual property which improves the user experience in the areas of reporting, security administration, audit, etc. Given unlimited funds, an in-house IT department could do the same, but why spend more to deliver the same results? There are so many ways IT can add value and give their organizations a competitive edge, usually with customer-facing systems that drive revenue and boost company image. Platforms and ERP should just work, and companies should partner with cloud vendors who can make ERP like dial tone.

[…] (i.e. shared with other entities/corporations/enterprises). Private clouds are typically dedicated to a single enterprise – i.e. not shared with other firms. I realize the above definitions are […]

[…] can exist because there are gaps between the areas users and providers control and own. The known boundary between what the cloud user can control and view and what the cloud provider can view and c… is the root source of enterprise executives’ concerns with public […]

“Bet the Farm” is the advice being given to all IT channel companies when it comes to “THE CLOUD!”

STOP what you are doing RIGHT NOW!!! And focus all of your efforts and resources on the market segment that, in 4 or 5 years, MIGHT skyrocket to almost 15% of total IT spending! (15% being the very high end of the “most optimistic projection” that I can find.)

What am I missing? Please, someone help me understand why EVERY channel company is being urged to ignore 85% of the market or MORE … and go “ALL IN” on a market segment that in 4 – 5 has a top projection of 15% of total …

It’s OK to ignore the fact that “the ultimate client’s” intellectual property and their most essential data could be given to 800 million or more of their closest friends around the world in the blink of an eye. Tell them, not to worry about the security issues… it’ll be someone else’s job to protect it … like only “they” can…

What’s not to love about pie in the sky?

Can someone show me … and EVERYONE else working in the channel … some numbers that back the euphoria “of all things cloud?” Some number that are projected to be more than 15% of the total … in 4 – 5 years????

[…] can exist because there are gaps between the areas users and providers control and own. The known boundary between what the cloud user can control and view and what the cloud provider can view and c… is the root source of enterprise executives’ concerns with public […]

[…] can exist because there are gaps between the areas users and providers control and own. The known boundary between what the cloud user can control and view and what the cloud provider can view and c… is the root source of enterprise executives' concerns with public […]

The use of a could in IT architecture dates back a long way.
The earliest diagrams I can remember drawing had lines coming out of servers and PCs all connecting to a cloud. The cloud represented “the network”.
The point was that from most points of view, all that mattered was the computers could use network services to communicate, but most people didn’t need to be concerned about the details of how the network was implemented.
So you have some services “in the cloud” and some service providers and consumers outside the cloud but using cloud services.

That’s not to say that there are no detailed diagrams of what goes on in the cloud. The point is that those details are of no interest to consumers of the service, although they may very much be of concern to the providers of the service. The providers will generally work hard to maintain this state of affairs, for example, by ensuring that there is always adequate bandwidth to meet demand, and that traffic is routed around faulty components so that people will not start to be concerned that they have to make choices based on some knowledge of what is going on inside the cloud.

The design and development of the internet has extended this concept beyond the boundaries of private networks, so that for many purposes the network connection between two computers works just the same whether they are connected via a real private network or a virtual one. So now you can extend the cloud to include the internet.
This has the effect of creating a relatively level playing field for company office locations as your staff and your servers don’t even have to be located in the same country.

Moving on, then we have the idea of an open market for services over the internet – all sorts of business services, but to start with, you find that services are not all created equal. So you need to make choices based on some knowledge of how those services are implemented – location, capacity etc.

Moving business services “inside the cloud” is about commoditisation of services.
Once a service is in the cloud, you can replace one implementation with another and the consumer (in theory) will not notice.

The catch with this is that although the technical details might not matter, different implementations can pose very different challenges and risks.
So for a private cloud, you have control over the supplier, but run the risk that you are not able to manage the service efficiently and effectively compared to your competitors. This particularly applies to readily commoditisable services. No-one except maybe a national security organisation would find it sensible to run their own web search engine.
This mix will change over time, and it will be much easier to switch a service from privately provided to publicly provided if it is already “in the cloud”.
We are seeing the rise of intelligent services, which can route consumption via one implementation or another based on the required qualities of service, such as security, without the consumer of the service having to be concerned.
We are even seeing the start of government pre-approval of cloud services so that these intelligent services can be trusted.

There is a long way to go, and commoditisation of markets is not a one way street. Organisations seeking a foothold in an established market with a few dominant players tend to push for a level playing field, whereas those with a defensive strategy, typically those with a dominant position, will seek to differentiate their services, and not always by playing fair.
So you might find that as the market changes over time, the language needed to describe variants of cloud services changes to express the things that are genuinely of concern and also the things that marketeers would have us believe differentiate their service from the rest.

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.